Attack Recovery Project

Overview

This work focused on how to recover a database after it has been attacked by a set of malicious transactions that corrupt data. Attack recovery has two aspects: damage assessment and repair. Using checkpoints is simple, but it can sacrifice a lot of good work. If we can stop the database server to do attack recovery, then a technique similar to cascading abort can work. However, many critical database servers need to be available 24x7, and forcing a temporary shutdown of the database can be the real goal of the attacker, so on-the-fly attack recovery, which never stops the database, is necessary in many cases. Compared with traditional database recovery, on-the-fly attack recovery faces several unique challenges: (1) repair must be done forward; (2) cleaned data objects could be re-damaged during attack recovery; (3) the attack recovery may never terminate in some cases. We have developed both syntactic and semantics-based attack recovery algorithms. Our syntactic framework successfully addresses these three challenges. Our semantics-based approach is (in most cases) strictly better than commutativity-based repair.
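The contrast between checkpoint rollback and dependency-based repair can be made concrete with a small sketch. This is an added example, not code from the project or its papers; it covers only the simple stop-the-database case, and the log format, the sample transactions, and the function names are all constructed assumptions.

```python
from collections import namedtuple

# Constructed log format (an assumption): entries in serial commit order, each
# with the items it read and the item -> value pairs it wrote.
Txn = namedtuple("Txn", "tid reads writes")

INITIAL = {"a": 100, "b": 50, "c": 10, "d": 0}
LOG = [
    Txn("T1", {"a"}, {"a": 110}),
    Txn("B1", set(), {"b": 9999}),    # the malicious transaction
    Txn("T2", {"b"}, {"c": 10009}),   # reads corrupted b
    Txn("T3", {"a"}, {"d": 110}),     # independent of the attack
    Txn("T4", {"c"}, {"a": 10119}),   # reads c, corrupted via T2
    Txn("T5", set(), {"c": 7}),       # blind write, makes c clean again
    Txn("T6", {"c"}, {"d": 8}),       # reads the clean c
]
MALICIOUS = {"B1"}

def assess_damage(log, malicious):
    """Damage assessment: ids of transactions that are malicious or that read
    an item last written by an affected transaction (read-from closure)."""
    dirty, affected = set(), set()
    for t in log:
        if t.tid in malicious or dirty & set(t.reads):
            affected.add(t.tid)
            dirty |= set(t.writes)    # everything it wrote is suspect
        else:
            dirty -= set(t.writes)    # a clean overwrite refreshes the item
    return affected

def repair(initial, log, affected):
    """Repair: rebuild the state from the writes of unaffected transactions only."""
    state = dict(initial)
    for t in log:
        if t.tid not in affected:
            state.update(t.writes)
    return state

def checkpoint_restore(initial, log, malicious):
    """Baseline: roll back to the state just before the first malicious commit."""
    state = dict(initial)
    for t in log:
        if t.tid in malicious:
            break
        state.update(t.writes)
    return state
```

On this constructed log, the checkpoint baseline discards T3, T5 and T6 even though none of them read corrupted data, while the dependency-based repair keeps their writes and undoes only B1, T2 and T4.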

Papers

  • P. Liu, P. Ammann, S. Jajodia. "Rewriting Histories: Recovering From Malicious Transactions", Distributed and Parallel Databases, Vol. 8, No. 1, January 2000, pages 7-40.
  • P. Ammann, S. Jajodia, P. Liu. "Recovering from Malicious Transactions", IEEE Trans. on Knowledge and Data Engineering, to appear, 2002.
  • P. Liu, S. Jajodia. Trusted Recovery and Defensive Information Warfare, Kluwer Academic Publishers, 2002. ISBN 0-7923-7572-6.
  • P. Liu, S. Jajodia. "Multi-phase damage containment in database systems for intrusion tolerance", In Proc. 14th IEEE Computer Security Foundations Workshop, 2001.
  • H. Wang, P. Liu, L. Li. "Evaluating the impact of intrusion detection deficiencies on the cost-effectiveness of attack recovery", In Proc. 7th Information Security Conference, 2004.

People

  • Peng Liu (Penn State), Paul Ammann, Sushil Jajodia (George Mason University)